CryptoForDay

North Korean Hackers Target Crypto Firms with ‘Durian’ Malware

A recent threat report from cybersecurity firm Kaspersky has revealed that North Korean hackers are using a new malware called “Durian” to target South Korean crypto companies. The Kimsuky hacking group has already launched attacks on at least two cryptocurrency firms using this malware. The attack was carried out by exploiting security software that is widely used by crypto companies in South Korea. Durian is a previously unknown malware that acts as an installer for various types of malicious software, including a backdoor called “AppleSeed,” a custom proxy tool known as LazyLoad, and legitimate tools like Chrome Remote Desktop.

Durian comes equipped with a range of backdoor functionalities, allowing the hackers to execute commands, download additional files, and extract files from the compromised systems. Kaspersky also noted that LazyLoad has been used by Andariel, a subgroup within the notorious North Korean hacking consortium, Lazarus Group. This connection suggests a possible link between Kimsuky and the more well-known hacking group.

Lazarus Group has been active since 2009 and has gained a reputation as one of the most infamous groups of crypto hackers. In April 2023, it was revealed that Lazarus had managed to launder over $200 million in stolen cryptocurrency between 2020 and 2023. In total, the group is believed to have stolen over $3 billion in crypto assets over the span of six years leading up to 2023. In 2023 alone, Lazarus was responsible for stealing over 17%, or $309 million, of the total amount stolen through hacks and exploits.

According to a report by Immunefi published on December 28, 2023, more than $1.8 billion worth of cryptocurrency was lost due to hacks and exploits throughout the year. This highlights the ongoing threat faced by the crypto industry from hackers and the urgent need for robust cybersecurity measures.

It is concerning that North Korean hackers are now utilizing the Durian malware to target South Korean crypto companies. The fact that this malware was able to exploit legitimate security software used exclusively by crypto firms demonstrates the sophistication of these attacks. It also raises questions about the effectiveness of current security measures and the need for continuous improvement to protect against such threats.

The emergence of the Durian malware and its use by North Korean hackers to target crypto firms in South Korea highlights the constant and evolving threat faced by the industry. The connection between Kimsuky and Lazarus Group suggests a collaboration or shared knowledge between these hacking groups. The significant amount of stolen crypto attributed to Lazarus highlights the financial impact of such attacks. As the crypto industry continues to grow, it is crucial for companies to prioritize robust cybersecurity measures to safeguard their assets and protect against these advanced hacking techniques.

19 thoughts on “North Korean Hackers Target Crypto Firms with ‘Durian’ Malware”

  1. It’s disheartening to see the crypto industry continually targeted by hackers. Attacks like the one using the Durian malware emphasize the need for constant vigilance and improvement in security measures. Together, we can combat these threats.

  2. Cybersecurity should be a top priority for all crypto companies. The Durian malware and its exploitation of legitimate security software highlight the urgency to invest in advanced protection measures. Let’s stay one step ahead of hackers! 🚀🔐

  3. The fact that these attacks are becoming more sophisticated is truly concerning. Companies need to adapt quickly to protect themselves.

  4. The Durian malware is an alarming development that should serve as a wake-up call to the crypto industry. This incident exposes the vulnerabilities in current security measures and highlights the urgent need for continuous improvement and innovation.

  5. The collaboration between Kimsuky and Lazarus Group is an ominous sign. These hacking groups are leveraging each other’s expertise and resources, making their attacks even more potent. The crypto industry needs to unite against these threats and strengthen its defenses. 🤝🔒

  6. Seriously, crypto companies need to step up their security game. This is getting ridiculous.

  7. The connection between Kimsuky and Lazarus Group raises some interesting questions about collaboration and shared knowledge among hacking groups. It’s crucial for authorities to investigate and take action against these cybercriminals. 🕵️‍♀️🔍

  8. The ongoing threat faced by the crypto industry from hackers cannot be underestimated. The $1.8 billion lost throughout the year is a staggering amount. It’s high time for crypto companies to invest in cutting-edge cybersecurity technologies.

  9. It’s shocking to see the scale of the theft carried out by Lazarus Group. How are they able to launder billions of dollars in cryptocurrency?

  10. This is a very concerning development. The Durian malware being used by North Korean hackers shows just how sophisticated and persistent these threats can be. Crypto companies in South Korea need to take immediate action to strengthen their cybersecurity defenses.

  11. The financial impact of Lazarus Group’s crypto thefts is staggering. This underscores the necessity for crypto companies to prioritize cybersecurity and invest in comprehensive defense strategies. We need to ensure the safety of our digital assets. 💵🔒

  12. The emergence of Durian as a new malware used by North Korean hackers is deeply concerning. It’s a strong reminder that the crypto industry needs to be ever-vigilant and proactive in adopting the latest cybersecurity measures.

  13. This is a wake-up call for the crypto industry. They can’t afford to be lax with their security anymore.

  14. I can’t believe a malware like Durian could exploit security software used by crypto firms. That’s just embarrassing.

  15. The use of Durian by North Korean hackers demonstrates the need for continuous improvement and innovation in the cybersecurity field. Let’s stay ahead of these threats and keep our crypto assets safe from malicious actors.

  16. The fact that Durian was able to exploit legitimate security software used by crypto firms is deeply concerning. It’s high time for the industry to invest in advanced and adaptive security measures to stay one step ahead of hackers.

  17. The $1.8 billion worth of cryptocurrency lost in 2023 due to hacks and exploits is a staggering figure. It’s clear that the crypto industry needs to ramp up its cybersecurity efforts to protect against these relentless threats.

  18. These hackers are relentless. It’s disheartening to see the constant threat faced by the crypto industry.

  19. The collaboration between hacking groups like Kimsuky and Lazarus Group poses a formidable challenge to the crypto industry. It’s crucial for companies to join forces, share knowledge, and develop stronger security measures to counter these threats.
